Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Network security via private-key certificates
ACM SIGOPS Operating Systems Review
Authentication in distributed systems: theory and practice
SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
UNIX system security: a guide for users and system administrators
UNIX system security: a guide for users and system administrators
Communications of the ACM
Network security: private communication in a public world
Network security: private communication in a public world
The official PGP user's guide
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Security defects in CCITT recommendation X.509: the directory authentication framework
ACM SIGCOMM Computer Communication Review
Robustness Principles for Public Key Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Kerberos plus RSA for world wide web security
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Certificate based PKI and B2B E-commerce: suitable match or not?
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Preserving peer replicas by rate-limited sampled voting
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
The LOCKSS peer-to-peer digital preservation system
ACM Transactions on Computer Systems (TOCS)
Security and usability engineering with particular attention to electronic mail
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Mobile Device Security Using Transient Authentication
IEEE Transactions on Mobile Computing
Listen and whisper: security mechanisms for BGP
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Token-mediated certification and electronic commerce
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Security and usability: the gap in real-world online banking
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Resistance to change: six reasons why businesses don't use e-signatures
Electronic Commerce Research
The usability of truecrypt, or how i learned to stop whining and fix an interface
Proceedings of the third ACM conference on Data and application security and privacy
The performance of public key-based authentication protocols
NSS'12 Proceedings of the 6th international conference on Network and System Security
Hi-index | 0.00 |
Public-key cryptography has low infrastructural overhead because public-key users bear a substantial but hidden administrative burden. A public-key security system trusts its users to validate each others' public keys rigorously and to manage their own private keys securely. Both tasks are hard to do well, but public-key security systems lack a centralized infrastructure for enforcing users' discipline. A compliance defect in a cryptosystem is such a rule of operation that is both difficult to follow and unenforceable. This paper presents five compliance defects that are inherent in public-key cryptography; these defects make public-key cryptography more suitable for server-to-server security than for desktop applications.